SOX Compliance

Protect SAP data and adhere to Sarbanes-Oxley

While it’s unclear exactly what the federal U.S. government’s latest plans are for industry accountability and ethics enforcement, one thing is certain: more regulation is on the way. Leveraging industry standard solutions to assist in establishing your governance, risk and compliance (GRC) without an integrated usability platform may be a risky initiative. This is where Winshuttle comes in.

Winshuttle products protect SAP transactional data in a manner that meets regulatory compliance requirements such as Sarbanes-Oxley (SOX) and the EU’s 8th Company Law Directive, by preserving SAP’s role-based security. For SAP, this ensures that data management is performed by authorized users only on a least privileged access basis.

White paper

Easing SOX Compliance

In companies that have implemented SAP, two of the most common open SOX audit issues are: 1) users in the IT departments have very broad access to production data in SAP, and 2) with access to SAP transactions such as SAP Query, QuickViewer, and Table Browser (SQ01/SQV1/SE16), SAP users become high data security risks. This white paper describes how companies can give SAP users control of their own data, and not only improve their compliance to the Sarbanes Oxley Act, but also improve corporate productivity.

In companies that have implemented SAP, one of the most common open Sarbanes-Oxley (SOX) audit issues is that users in the IT departments have very broad access to production data in SAP. Therefore, companies are finding that they have to take many data access privileges away from IT users. This has severely limited the ability of IT support staff to assist in routine data maintenance activities. Thus, there is a pressing need at many companies for business users to be responsible for their own production data maintenance activities.

Another example of potential SOX audit issues would be the segregation of duties as it relates to simple processes such as entering a financial transaction by an SAP end user and having that transaction approved for SAP posting by a financial manager. There are numerous examples of workflow related segregation of duties that Winshuttle Central can provide a foundation for implementing in a Microsoft SharePoint environment.

With Winshuttle, you can give business users control of their own data, and not only comply with SOX, but also improve SAP user productivity.

Product demo

Winshuttle Transaction

Watch the Winshuttle Transaction Demo

See how Winshuttle Transaction makes it easy for virtually any user to securely record the steps to complete any SAP transaction and map to Excel or other familiar application. This template can then be used to automate any process, while using native SAP security and authorizations. Transaction can also create a web service based on a recorded transaction. Watch the demo to see how it works.